Fix a bug on assign role if both session and email are present
This commit is contained in:
parent
959ba82d44
commit
de9fa97e72
|
@ -13,14 +13,13 @@ import eu.dnetlib.dnetrolemanagement.utils.AuthoritiesUtils;
|
|||
import eu.dnetlib.dnetrolemanagement.utils.JsonUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.atomic.AtomicBoolean;
|
||||
|
||||
@RestController
|
||||
@RequestMapping("/admin")
|
||||
|
@ -56,40 +55,52 @@ public class AdminController {
|
|||
* Assign admin role to logged in user or user with @email
|
||||
*/
|
||||
@RequestMapping(value = "/{type}/{id}", method = RequestMethod.POST)
|
||||
@PreAuthorize("hasAuthority('REGISTERED_USER') || @registryService.getCoPersonIdsByEmail(#email).size() > 0")
|
||||
public ResponseEntity<Response> assignRole(@PathVariable("type") String type, @PathVariable("id") String id, @RequestParam(required = false) String email) {
|
||||
Integer coPersonId = (email != null) ? registryService.getCoPersonIdsByEmail(email).get(0) : registryService.getCoPersonIdByIdentifier();
|
||||
if (coPersonId != null) {
|
||||
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
|
||||
List<Integer> coPersonIds = registryService.getCoPersonIdsByEmail(email);
|
||||
if (coPersonIds.size() > 0) {
|
||||
Integer couId = registryService.getCouId(type, id);
|
||||
if (couId != null) {
|
||||
Integer role = registryService.getRoleId(coPersonId, couId);
|
||||
if (role != null) {
|
||||
if (registryService.getUserAdminGroup(coPersonId, couId) == null) {
|
||||
registryService.assignAdminRole(coPersonId, couId);
|
||||
authoritiesUpdater.update(identifier, old -> {
|
||||
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
||||
authorities.add(new SimpleGrantedAuthority(AuthoritiesUtils.manager(type, id)));
|
||||
return authorities;
|
||||
});
|
||||
return ResponseEntity.ok(new Response("Role has been assigned successfully"));
|
||||
AtomicBoolean assigned = new AtomicBoolean(false);
|
||||
coPersonIds.forEach(coPersonId -> {
|
||||
if(assignRoleToAccount(coPersonId, couId, type, id)) {
|
||||
assigned.set(true);
|
||||
}
|
||||
throw new ConflictException("User is already an admin of this group");
|
||||
});
|
||||
if(assigned.get()) {
|
||||
return ResponseEntity.ok(new Response("Role has been assigned successfully"));
|
||||
} else {
|
||||
throw new UnprocessableException("User must be a member of this group and not already admin");
|
||||
}
|
||||
throw new UnprocessableException("User must be member of this group in order to become an admin.");
|
||||
}
|
||||
throw new ResourceNotFoundException("Role has not been found");
|
||||
}
|
||||
throw new ResourceNotFoundException("User has not been found");
|
||||
}
|
||||
|
||||
private boolean assignRoleToAccount(Integer coPersonId, Integer couId, String type, String id) {
|
||||
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
|
||||
Integer role = registryService.getRoleId(coPersonId, couId);
|
||||
if (role != null) {
|
||||
if (registryService.getUserAdminGroup(coPersonId, couId) == null) {
|
||||
registryService.assignAdminRole(coPersonId, couId);
|
||||
authoritiesUpdater.update(identifier, old -> {
|
||||
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
||||
authorities.add(new SimpleGrantedAuthority(AuthoritiesUtils.manager(type, id)));
|
||||
return authorities;
|
||||
});
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove admin role from logged in user or user with @email
|
||||
*/
|
||||
@RequestMapping(value = "/{type}/{id}", method = RequestMethod.DELETE)
|
||||
@PreAuthorize("hasAuthority('REGISTERED_USER') || @registryService.getCoPersonIdsByEmail(#email).size() > 0")
|
||||
public ResponseEntity<Response> removeRole(@PathVariable("type") String type, @PathVariable("id") String id, @RequestParam(required = false) String email) {
|
||||
List<Integer> coPersonIds = (email != null) ? registryService.getCoPersonIdsByEmail(email) : Collections.singletonList(registryService.getCoPersonIdByIdentifier());
|
||||
List<Integer> coPersonIds = registryService.getCoPersonIdsByEmail(email);
|
||||
if (coPersonIds.size() > 0) {
|
||||
Integer couId = registryService.getCouId(type, id);
|
||||
if (couId != null) {
|
||||
|
|
|
@ -44,7 +44,7 @@ public class MemberController {
|
|||
@RequestMapping(value = "/{type}/{id}", method = RequestMethod.GET)
|
||||
public ResponseEntity<User[]> getInfos(@PathVariable("type") String type, @PathVariable("id") String id) {
|
||||
Integer couId = registryService.getCouId(type, id);
|
||||
if(couId != null) {
|
||||
if (couId != null) {
|
||||
JsonArray users = registryService.getUserIdByCouId(couId, false);
|
||||
JsonArray emails = registryService.getUserEmailByCouId(couId, false);
|
||||
JsonArray names = registryService.getUserNamesByCouId(couId, false);
|
||||
|
@ -57,19 +57,20 @@ public class MemberController {
|
|||
* Assign member role to logged in user or user with @email
|
||||
*/
|
||||
@RequestMapping(value = "/{type}/{id}", method = RequestMethod.POST)
|
||||
@PreAuthorize("hasAuthority('REGISTERED_USER') || @registryService.getCoPersonIdsByEmail(#email).size() > 0")
|
||||
public ResponseEntity<Response> assignRole(@PathVariable("type") String type, @PathVariable("id") String id, @RequestParam(required = false) String email) {
|
||||
Integer coPersonId = (email != null)?registryService.getCoPersonIdsByEmail(email).get(0):registryService.getCoPersonIdByIdentifier();
|
||||
if (coPersonId != null) {
|
||||
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
|
||||
List<Integer> coPersonIds = registryService.getCoPersonIdsByEmail(email);
|
||||
if (coPersonIds.size() > 0) {
|
||||
Integer couId = registryService.getCouId(type, id);
|
||||
if (couId != null) {
|
||||
Integer role = registryService.getRoleId(coPersonId, couId);
|
||||
registryService.assignMemberRole(coPersonId, couId, role);
|
||||
authoritiesUpdater.update(identifier, old -> {
|
||||
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
||||
authorities.add(new SimpleGrantedAuthority(AuthoritiesUtils.member(type, id)));
|
||||
return authorities;
|
||||
coPersonIds.forEach(coPersonId -> {
|
||||
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
|
||||
Integer role = registryService.getRoleId(coPersonId, couId);
|
||||
registryService.assignMemberRole(coPersonId, couId, role);
|
||||
authoritiesUpdater.update(identifier, old -> {
|
||||
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>((Collection<? extends SimpleGrantedAuthority>) old);
|
||||
authorities.add(new SimpleGrantedAuthority(AuthoritiesUtils.member(type, id)));
|
||||
return authorities;
|
||||
});
|
||||
});
|
||||
return ResponseEntity.ok(new Response("Role has been assigned successfully"));
|
||||
}
|
||||
|
@ -82,14 +83,13 @@ public class MemberController {
|
|||
* Remove member role from logged in user or user with @email
|
||||
*/
|
||||
@RequestMapping(value = "/{type}/{id}", method = RequestMethod.DELETE)
|
||||
@PreAuthorize("hasAuthority('REGISTERED_USER') || @registryService.getCoPersonIdsByEmail(#email).size() > 0")
|
||||
public ResponseEntity<Response> removeRole(@PathVariable("type") String type, @PathVariable("id") String id, @RequestParam(required = false) String email) {
|
||||
List<Integer> coPersonIds = (email != null) ? registryService.getCoPersonIdsByEmail(email) : Collections.singletonList(registryService.getCoPersonIdByIdentifier());
|
||||
List<Integer> coPersonIds = registryService.getCoPersonIdsByEmail(email);
|
||||
if (coPersonIds.size() > 0) {
|
||||
Integer couId = registryService.getCouId(type, id);
|
||||
if (couId != null) {
|
||||
// If none of the accounts has admin role for this group remove member role
|
||||
if(coPersonIds.stream().filter(coPersonId -> registryService.getUserAdminGroup(coPersonId, couId) != null).collect(Collectors.toList()).size() == 0) {
|
||||
if (coPersonIds.stream().filter(coPersonId -> registryService.getUserAdminGroup(coPersonId, couId) != null).collect(Collectors.toList()).size() == 0) {
|
||||
coPersonIds.forEach(coPersonId -> {
|
||||
String identifier = registryService.getIdentifierByCoPersonId(coPersonId);
|
||||
Integer role = registryService.getRoleId(coPersonId, couId);
|
||||
|
@ -116,7 +116,7 @@ public class MemberController {
|
|||
@RequestMapping(value = "/{type}/{id}/name", method = RequestMethod.GET)
|
||||
public ResponseEntity<User[]> getNames(@PathVariable("type") String type, @PathVariable("id") String id) {
|
||||
Integer couId = registryService.getCouId(type, id);
|
||||
if(couId != null) {
|
||||
if (couId != null) {
|
||||
JsonArray users = registryService.getUserNamesByCouId(couId, false);
|
||||
return ResponseEntity.ok(gson.fromJson(users, User[].class));
|
||||
}
|
||||
|
@ -129,7 +129,7 @@ public class MemberController {
|
|||
@RequestMapping(value = "/{type}/{id}/id", method = RequestMethod.GET)
|
||||
public ResponseEntity<User[]> getIds(@PathVariable("type") String type, @PathVariable("id") String id) {
|
||||
Integer couId = registryService.getCouId(type, id);
|
||||
if(couId != null) {
|
||||
if (couId != null) {
|
||||
JsonArray users = registryService.getUserIdByCouId(couId, false);
|
||||
return ResponseEntity.ok(gson.fromJson(users, User[].class));
|
||||
}
|
||||
|
@ -142,7 +142,7 @@ public class MemberController {
|
|||
@RequestMapping(value = "/{type}/{id}/email", method = RequestMethod.GET)
|
||||
public ResponseEntity<User[]> getEmails(@PathVariable("type") String type, @PathVariable("id") String id) {
|
||||
Integer couId = registryService.getCouId(type, id);
|
||||
if(couId != null) {
|
||||
if (couId != null) {
|
||||
JsonArray users = registryService.getUserEmailByCouId(couId, false);
|
||||
return ResponseEntity.ok(gson.fromJson(users, User[].class));
|
||||
}
|
||||
|
|
|
@ -12,10 +12,7 @@ import org.springframework.beans.factory.annotation.Autowired;
|
|||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.*;
|
||||
|
||||
@Service
|
||||
public class RegistryService {
|
||||
|
@ -39,18 +36,23 @@ public class RegistryService {
|
|||
* 1.1 Get CoPersonId by Email
|
||||
*/
|
||||
public List<Integer> getCoPersonIdsByEmail(String email) {
|
||||
List<Integer> coPersonIds = new ArrayList<>();
|
||||
Map<String, String> params = new HashMap<>();
|
||||
params.put("coid", coid);
|
||||
params.put("mail", email);
|
||||
JsonElement response = httpUtils.get("co_people.json", params);
|
||||
if (response != null) {
|
||||
JsonArray coPeople = response.getAsJsonObject().get("CoPeople").getAsJsonArray();
|
||||
for (int i = 0; i < coPeople.size(); i++) {
|
||||
coPersonIds.add(coPeople.get(i).getAsJsonObject().get("Id").getAsInt());
|
||||
if(email != null) {
|
||||
List<Integer> coPersonIds = new ArrayList<>();
|
||||
Map<String, String> params = new HashMap<>();
|
||||
params.put("coid", coid);
|
||||
params.put("mail", email);
|
||||
JsonElement response = httpUtils.get("co_people.json", params);
|
||||
if (response != null) {
|
||||
JsonArray coPeople = response.getAsJsonObject().get("CoPeople").getAsJsonArray();
|
||||
for (int i = 0; i < coPeople.size(); i++) {
|
||||
coPersonIds.add(coPeople.get(i).getAsJsonObject().get("Id").getAsInt());
|
||||
}
|
||||
}
|
||||
return coPersonIds;
|
||||
} else {
|
||||
Integer coPersonId = getCoPersonIdByIdentifier();
|
||||
return (coPersonId != null)? Collections.singletonList(coPersonId):new ArrayList<>();
|
||||
}
|
||||
return coPersonIds;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in New Issue