diff --git a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/controllers/PageController.java b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/controllers/PageController.java index 053d2ae..bf71644 100644 --- a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/controllers/PageController.java +++ b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/controllers/PageController.java @@ -1,7 +1,11 @@ package eu.dnetlib.uoaadmintoolslibrary.controllers; +import com.mongodb.DuplicateKeyException; import eu.dnetlib.uoaadmintoolslibrary.entities.Page; import eu.dnetlib.uoaadmintoolslibrary.entities.fullEntities.PortalPage; +import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException; +import eu.dnetlib.uoaadmintoolslibrary.handlers.MismatchingContentException; +import eu.dnetlib.uoaadmintoolslibrary.handlers.utils.RolesUtils; import eu.dnetlib.uoaadmintoolslibrary.services.PageService; import org.apache.log4j.Logger; @@ -9,6 +13,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.*; import org.springframework.security.access.prepost.PreAuthorize; +import javax.validation.constraints.Null; import java.util.*; @RestController @@ -19,10 +24,14 @@ public class PageController { @Autowired private PageService pageService; + @Autowired + private RolesUtils rolesUtils; + // used by portals WITHOUT ANY PARAMS @RequestMapping(value = "/page/full", method = RequestMethod.GET) public List getPagesFull(@RequestParam(value="pid", required=false) String pid, @RequestParam(value="page_route", required=false) String page_route) { + // isEnabled is not filled!!! Do not use this method to get pages for specific pid - use getPagesForPortalByType instead. return pageService.getPagesFull(pid, page_route); } @@ -41,21 +50,62 @@ public class PageController { // } // used - @PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)") +// @PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)") @RequestMapping(value = "/page/update", method = RequestMethod.POST) public PortalPage updatePage(@RequestBody PortalPage portalPage) { + List roles = rolesUtils.getRoles(); + if(portalPage == null) { + throw new NullPointerException("Update page: portalPage is null"); + } + if(portalPage.getId() == null) { + // EXCEPTION - MismatchingContent + throw new MismatchingContentException("Update page: Page has no id."); + } + if(!rolesUtils.isPortalAdmin(roles) || ( + portalPage.getPortalPid() != null && !rolesUtils.hasUpdateAuthority(roles, portalPage.getPortalType(), portalPage.getPortalPid()))) { + // EXCEPTION - Access denied + throw new ForbiddenException("Update page: You are not authorized to update a page for "+portalPage.getPortalType()+ + (portalPage.getPortalPid()!=null ? " : "+portalPage.getPortalPid() : "")); + } + + Page existingPage = pageService.getPageByPortalTypeAndRoute(portalPage.getPortalType(), portalPage.getRoute(), portalPage.getPortalPid()); + if(existingPage != null && !existingPage.getId().equals(portalPage.getId())) { + throw new MismatchingContentException("Update page: There is already a page ("+existingPage.getId()+") with route: "+portalPage.getRoute() + " in "+ + portalPage.getPortalType() + (portalPage.getPortalPid() != null ? " : "+portalPage.getPortalPid() : "")); + } return pageService.updatePage(portalPage); } // used - @PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)") +// @PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)") @RequestMapping(value = "/page/save", method = RequestMethod.POST) public PortalPage insertPage(@RequestBody PortalPage portalPage) { + List roles = rolesUtils.getRoles(); + if(portalPage == null) { + throw new NullPointerException("Save page: portalPage is null"); + } + if(portalPage.getId() != null) { + // EXCEPTION - MismatchingContent + throw new MismatchingContentException("Save page: Page has already an id: "+portalPage.getId()); + } + if(!rolesUtils.isPortalAdmin(roles) || ( + portalPage.getPortalPid() != null && !rolesUtils.hasUpdateAuthority(roles, portalPage.getPortalType(), portalPage.getPortalPid()))) { + // EXCEPTION - Access denied + throw new ForbiddenException("Save page: You are not authorized to create a page for "+portalPage.getPortalType()+ + (portalPage.getPortalPid()!=null ? " : "+portalPage.getPortalPid() : "")); + } + + Page existingPage = pageService.getPageByPortalTypeAndRoute(portalPage.getPortalType(), portalPage.getRoute(), portalPage.getPortalPid()); + if(existingPage != null) { + throw new MismatchingContentException("Save page: There is already a page ("+existingPage.getId()+") with route: "+portalPage.getRoute() + " in "+ + portalPage.getPortalType() + (portalPage.getPortalPid() != null ? " : "+portalPage.getPortalPid() : "")); + } + return pageService.insertPage(portalPage); } // used - @PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)") +// @PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)") @RequestMapping(value = "/page/delete", method = RequestMethod.POST) public Boolean deletePages(@RequestBody List pages) throws Exception { return pageService.deletePages(pages); diff --git a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/dao/MongoDBDAOs/MongoDBPageDAO.java b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/dao/MongoDBDAOs/MongoDBPageDAO.java index 7937b6e..a88d275 100644 --- a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/dao/MongoDBDAOs/MongoDBPageDAO.java +++ b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/dao/MongoDBDAOs/MongoDBPageDAO.java @@ -6,13 +6,19 @@ import java.util.List; import eu.dnetlib.uoaadmintoolslibrary.dao.PageDAO; import eu.dnetlib.uoaadmintoolslibrary.entities.Page; +import org.springframework.data.mongodb.repository.Query; public interface MongoDBPageDAO extends PageDAO, MongoRepository { List findAll(); - List findByPortalType(String portalType); + + @Query("{'portalType': ?0, 'portalPid': {$in: [?1, null] }}") + List findByPortalTypeAndPortalPidOrNull(String portalType, String portalPid); + List findByRoute(String route); - Page findByPortalTypeAndRoute(String portalType, String route); + @Query("{'portalType': ?0, 'route': ?1, 'portalPid': {$in: [?2, null] }}") + Page findByPortalTypeAndRouteAndPortalPidOrNull(String portalType, String route, String portalPid); + Page findById(String Id); Page save(Page page); @@ -20,4 +26,7 @@ public interface MongoDBPageDAO extends PageDAO, MongoRepository { void deleteAll(); void delete(String id); + +// List findByPortalTypeAndPortalPidOrNull(String portalType, String portalPid); +// List findByPortalPidNullAndPortalTypeOrPortalPidAndPortalType(String portalType1, String portalPid, String portalType2); } \ No newline at end of file diff --git a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/dao/PageDAO.java b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/dao/PageDAO.java index 65109b1..0cea56b 100644 --- a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/dao/PageDAO.java +++ b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/dao/PageDAO.java @@ -3,13 +3,19 @@ package eu.dnetlib.uoaadmintoolslibrary.dao; import java.util.List; import eu.dnetlib.uoaadmintoolslibrary.entities.Page; +import org.springframework.data.mongodb.repository.Query; public interface PageDAO { List findAll(); - List findByPortalType(String portalType); + + @Query("{'portalType': ?0, 'portalPid': {$in: [?1, null] }}") + List findByPortalTypeAndPortalPidOrNull(String portalType, String portalPid); + List findByRoute(String route); - Page findByPortalTypeAndRoute(String portalType, String route); + @Query("{'portalType': ?0, 'route': ?1, 'portalPid': {$in: [?2, null] }}") + Page findByPortalTypeAndRouteAndPortalPidOrNull(String portalType, String route, String portalPid); + Page findById(String Id); Page save(Page page); diff --git a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/entities/Page.java b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/entities/Page.java index 596e9dc..fb93978 100644 --- a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/entities/Page.java +++ b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/entities/Page.java @@ -15,6 +15,7 @@ public class Page { private String type; private List entities; private PortalType portalType; // explore, connect, community, monitor + private String portalPid; // e.g. covid-19, egi, ... // private Boolean connect; // private Boolean communities; @@ -84,6 +85,14 @@ public class Page { } } + public String getPortalPid() { + return portalPid; + } + + public void setPortalPid(String portalPid) { + this.portalPid = portalPid; + } + public Boolean getTop() { return top; } diff --git a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/entities/fullEntities/PortalPage.java b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/entities/fullEntities/PortalPage.java index 80764ee..ddb7e35 100644 --- a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/entities/fullEntities/PortalPage.java +++ b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/entities/fullEntities/PortalPage.java @@ -21,6 +21,7 @@ public class PortalPage { private List entities; private Boolean isEnabled; private PortalType portalType; // explore, connect, community, monitor + private String portalPid; // e.g. covid-19, egi, ... // private Boolean connect; // private Boolean communities; @@ -40,6 +41,7 @@ public class PortalPage { this.setName(page.getName()); this.setType(page.getType()); this.setPortalType(page.getPortalType()); + this.setPortalPid(page.getPortalPid()); this.setTop(page.getTop()); this.setBottom(page.getBottom()); this.setLeft(page.getLeft()); @@ -102,6 +104,14 @@ public class PortalPage { } } + public String getPortalPid() { + return portalPid; + } + + public void setPortalPid(String portalPid) { + this.portalPid = portalPid; + } + public Boolean getTop() { return top; } diff --git a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/handlers/AdminToolsLibraryExceptionsHandler.java b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/handlers/AdminToolsLibraryExceptionsHandler.java index f57b9b3..e39db7d 100644 --- a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/handlers/AdminToolsLibraryExceptionsHandler.java +++ b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/handlers/AdminToolsLibraryExceptionsHandler.java @@ -44,7 +44,7 @@ public class AdminToolsLibraryExceptionsHandler { response.setErrorMessage(ex.getMessage()); response.setErrors(ex.getMessage()); response.setStatus(HttpStatus.NOT_FOUND); - log.error("contentNotFound exception: " + response.getErrorCode()+ " "+response.getErrorMessage()); + log.error("contentNotFound exception: " + response.getErrorCode()+ " - "+response.getErrorMessage()); return new ResponseEntity(response, HttpStatus.NOT_FOUND); } @@ -55,7 +55,7 @@ public class AdminToolsLibraryExceptionsHandler { response.setErrorMessage("Null pointer Exception"); response.setErrors(ex.getMessage()); response.setStatus(HttpStatus.BAD_REQUEST); - log.error("nullPointerException exception"); + log.error("nullPointerException exception" + response.getErrorCode()+ " - "+response.getErrorMessage()); return new ResponseEntity(response, HttpStatus.BAD_REQUEST); } diff --git a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PageHelpContentService.java b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PageHelpContentService.java index ea3ef5f..5e6b5fc 100644 --- a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PageHelpContentService.java +++ b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PageHelpContentService.java @@ -175,8 +175,8 @@ public class PageHelpContentService { return true; } - public void addPageHelpContentsInPortal(String portalId, String portalType) { - Page organizationsPage = pageService.getPageByPortalTypeAndRoute(portalType, "/organizations"); + public void addPageHelpContentsInPortal(String portalId, String portalType, String portalPid) { + Page organizationsPage = pageService.getPageByPortalTypeAndRoute(portalType, "/organizations", portalPid); if(organizationsPage != null) { String organizations_page_content = "

Here you can write more details about the organizations related to your community.

"; @@ -185,7 +185,7 @@ public class PageHelpContentService { pageHelpContentDAO.save(organizations_pageHelpContent); } - Page depositLearnHowPage = pageService.getPageByPortalTypeAndRoute(portalType, "/participate/deposit/learn-how"); + Page depositLearnHowPage = pageService.getPageByPortalTypeAndRoute(portalType, "/participate/deposit/learn-how", portalPid); if(depositLearnHowPage != null) { String depositLearnHow_page_content = "" + "
" + diff --git a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PageService.java b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PageService.java index 724455f..d64e741 100644 --- a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PageService.java +++ b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PageService.java @@ -9,6 +9,10 @@ import eu.dnetlib.uoaadmintoolslibrary.entities.fullEntities.DivHelpContentRespo import eu.dnetlib.uoaadmintoolslibrary.entities.fullEntities.PageHelpContentResponse; import eu.dnetlib.uoaadmintoolslibrary.entities.fullEntities.PortalPage; +import eu.dnetlib.uoaadmintoolslibrary.handlers.ContentNotFoundException; +import eu.dnetlib.uoaadmintoolslibrary.handlers.ForbiddenException; +import eu.dnetlib.uoaadmintoolslibrary.handlers.MismatchingContentException; +import eu.dnetlib.uoaadmintoolslibrary.handlers.utils.RolesUtils; import org.apache.log4j.Logger; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -19,6 +23,9 @@ import java.util.*; public class PageService { private final Logger log = Logger.getLogger(this.getClass()); + @Autowired + private RolesUtils rolesUtils; + @Autowired private PageDAO pageDAO; @@ -72,12 +79,12 @@ public class PageService { if (page_route != null) { pages = new ArrayList(); - Page page = pageDAO.findByPortalTypeAndRoute(portalType, page_route); + Page page = pageDAO.findByPortalTypeAndRouteAndPortalPidOrNull(portalType, page_route, pid); if(page != null) { pages.add(page); } } else { - pages = pageDAO.findByPortalType(portalType); + pages = pageDAO.findByPortalTypeAndPortalPidOrNull(portalType, pid); } } else if (page_route != null) { pages = pageDAO.findByRoute(page_route); @@ -113,18 +120,18 @@ public class PageService { return pages; } - public List getPagesByPortalType(String portalType) { + public List getPagesByPortalType(String portalType, String portalPid) { if (portalType == null) { return null; } - return pageDAO.findByPortalType(portalType); + return pageDAO.findByPortalTypeAndPortalPidOrNull(portalType, portalPid); } - public Page getPageByPortalTypeAndRoute(String portalType, String page_route) { + public Page getPageByPortalTypeAndRoute(String portalType, String page_route, String portalPid) { if (page_route == null || portalType == null) { return null; } - return pageDAO.findByPortalTypeAndRoute(portalType, page_route); + return pageDAO.findByPortalTypeAndRouteAndPortalPidOrNull(portalType, page_route, portalPid); } public void deleteAllPages() { @@ -143,12 +150,28 @@ public class PageService { } public PortalPage insertPage(PortalPage portalPage) { + // add page in portals + List portals = null; + if(portalPage.getPortalPid() == null) { + portals = portalService.getAllPortalsByType(portalPage.getPortalType()); + } else { + Portal portal = portalService.getPortal(portalPage.getPortalPid()); + if(portal == null) { + // EXCEPTION - MismatchingContent + throw new ContentNotFoundException("Insert page: No portal found with pid: "+portalPage.getPortalPid()); + } + portals = new ArrayList<>(); + portals.add(portal); + } + + if(portals == null || portals.size() == 0) { + throw new ContentNotFoundException("No portlas found with type: "+portalPage.getPortalType()); + } + Page page = this.getPageByPortalPage(portalPage); Page savedPage = pageDAO.save(page); portalPage.setId(savedPage.getId()); - // add page in portals - List portals = portalService.getAllPortalsByType(portalPage.getPortalType()); for( Portal portal : portals ) { Map pages = portal.getPages(); pages.put(page.getId(), true); @@ -166,6 +189,7 @@ public class PageService { page.setName(portalPage.getName()); page.setType(portalPage.getType()); page.setPortalType(portalPage.getPortalType()); + page.setPortalPid(portalPage.getPortalPid()); page.setTop(portalPage.getTop()); page.setBottom(portalPage.getBottom()); page.setLeft(portalPage.getLeft()); @@ -217,9 +241,22 @@ public class PageService { } public Boolean deletePages(List pages) throws Exception { + List roles = rolesUtils.getRoles(); + for (String id: pages) { Page page = pageDAO.findById(id); + if(page == null) { + throw new NullPointerException("Delete page: no page with id: "+id); + } + + if(!rolesUtils.isPortalAdmin(roles) || ( + page.getPortalPid() != null && !rolesUtils.hasUpdateAuthority(roles, page.getPortalType(), page.getPortalPid()))) { + // EXCEPTION - Access denied + throw new ForbiddenException("Delete page: You are not authorized to delete a page for "+page.getPortalType()+ + (page.getPortalPid()!=null ? " : "+page.getPortalPid() : "")); + } + // delete divIds related only to this page from all portals, otherwise remove this page from divIds List divIds = divIdService.getDivIds(id, null, null); for(DivId divId : divIds) { @@ -248,12 +285,22 @@ public class PageService { } // delete page from portals - List portals = portalService.getAllPortalsByType(page.getPortalType()); - for( Portal portal : portals ) { - Map portalPages = portal.getPages(); - portalPages.remove(id); - portal.setPages(portalPages); - portalService.insertOrUpdatePortal(portal); + List portals; + if(page.getPortalPid() == null) { + portals = portalService.getAllPortalsByType(page.getPortalType()); + } else { + Portal portal = portalService.getPortal(page.getPortalPid()); + portals = new ArrayList<>(); + portals.add(portal); + } + + if(portals != null) { + for (Portal portal : portals) { + Map portalPages = portal.getPages(); + portalPages.remove(id); + portal.setPages(portalPages); + portalService.insertOrUpdatePortal(portal); + } } pageDAO.delete(id); diff --git a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PortalService.java b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PortalService.java index 5e5ad66..789e5ee 100644 --- a/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PortalService.java +++ b/src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PortalService.java @@ -155,7 +155,7 @@ public class PortalService { portalEntities.add(portalEntity); } - for(Page page : pageService.getPagesByPortalType(portal.getType())) { + for(Page page : pageService.getPagesByPortalType(portal.getType(), portal.getPid())) { pages.put(page.getId(), true); PortalPage portalPage = new PortalPage(page); @@ -182,7 +182,7 @@ public class PortalService { String id = savedPortal.getId(); divHelpContentService.addDivHelpContentsInPortal(id, savedPortal.getType()); - pageHelpContentService.addPageHelpContentsInPortal(id, savedPortal.getType()); + pageHelpContentService.addPageHelpContentsInPortal(id, savedPortal.getType(), savedPortal.getPid()); return portalResponse; } @@ -339,6 +339,10 @@ public class PortalService { } Page p = pageService.getPage(page.getKey()); + if(p == null) { + // EXCEPTION - MismatchingContent + throw new MismatchingContentException("get pages by portal type: Portal with id: "+portal.getId()+" has a page id: "+page.getKey()+" which does not match with any page"); + } if (with_positions != null) { boolean at_least_one_position = Boolean.parseBoolean(with_positions);