Fix RoleUtils methods

src/main/java/eu/dnetlib/uoaadmintoolslibrary/controllers/PageController.java

@@ -51,7 +51,6 @@ public class PageController {
 //    @PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
     @RequestMapping(value = "/page/update", method = RequestMethod.POST)
     public PortalPage updatePage(@RequestBody PortalPage portalPage) {
-        List<String> roles = rolesUtils.getRoles();
         if(portalPage == null) {
             throw new NullPointerException("Update page: portalPage is null");
         }
@@ -59,8 +58,8 @@ public class PageController {
             // EXCEPTION - MismatchingContent
             throw new MismatchingContentException("Update page: Page has no id.");
         }
-        if(!rolesUtils.isPortalAdmin(roles) || (
+        if(!rolesUtils.isPortalAdmin() || (
-                portalPage.getPortalPid() != null && !rolesUtils.hasUpdateAuthority(roles, portalPage.getPortalType(), portalPage.getPortalPid()))) {
+                portalPage.getPortalPid() != null && !rolesUtils.hasUpdateAuthority(portalPage.getPortalType(), portalPage.getPortalPid()))) {
             // EXCEPTION - Access denied
             throw new ForbiddenException("Update page: You are not authorized to update  a page for "+portalPage.getPortalType()+
                     (portalPage.getPortalPid()!=null ? " : "+portalPage.getPortalPid() : ""));
@@ -78,7 +77,6 @@ public class PageController {
 //    @PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
     @RequestMapping(value = "/page/save", method = RequestMethod.POST)
     public PortalPage insertPage(@RequestBody PortalPage portalPage) {
-        List<String> roles = rolesUtils.getRoles();
         if(portalPage == null) {
             throw new NullPointerException("Save page: portalPage is null");
         }
@@ -86,8 +84,8 @@ public class PageController {
             // EXCEPTION - MismatchingContent
             throw new MismatchingContentException("Save page: Page has already an id: "+portalPage.getId());
         }
-        if(!rolesUtils.isPortalAdmin(roles) || (
+        if(!rolesUtils.isPortalAdmin() || (
-                portalPage.getPortalPid() != null && !rolesUtils.hasUpdateAuthority(roles, portalPage.getPortalType(), portalPage.getPortalPid()))) {
+                portalPage.getPortalPid() != null && !rolesUtils.hasUpdateAuthority(portalPage.getPortalType(), portalPage.getPortalPid()))) {
             // EXCEPTION - Access denied
             throw new ForbiddenException("Save page: You are not authorized to create a page for "+portalPage.getPortalType()+
                     (portalPage.getPortalPid()!=null ? " : "+portalPage.getPortalPid() : ""));
@@ -132,4 +130,4 @@ public class PageController {
 //    public Page togglePageEntity(@PathVariable(value = "id") String id, @RequestParam String entityId, @RequestParam String status) throws Exception {
 //        return pageService.togglePageEntity(id, entityId, status);
 //    }
-}
+}

src/main/java/eu/dnetlib/uoaadmintoolslibrary/handlers/utils/RolesUtils.java

@@ -11,6 +11,7 @@ import org.springframework.stereotype.Component;
 
 @Component
 public class RolesUtils {
+
     @Autowired
     private AuthorizationService authorizationService;
 
@@ -28,54 +29,31 @@ public class RolesUtils {
         return authorizationService.getAaiId();
     }
 
-    public boolean isPortalAdmin(List<String> roles) {
+    public boolean isPortalAdmin() {
-        if(roles == null) {
+        return this.authorizationService.getRoles().contains(authorizationService.PORTAL_ADMIN);
-            return false;
-        }
-//        log.debug(authorizationService.PORTAL_ADMIN);
-//        log.debug("PortalAdmin: "+roles.contains(authorizationService.PORTAL_ADMIN));
-        return roles.contains(authorizationService.PORTAL_ADMIN);
     }
 
-    public boolean isCurator(List<String> roles, String type) {
+    public boolean isCurator(String type) {
-        if(roles == null) {
+        return this.authorizationService.getRoles().contains(authorizationService.curator(type));
-            return false;
-        }
-//        log.debug(authorizationService.curator(type));
-//        log.debug("Curator in "+type+": "+roles.contains(authorizationService.curator(type)));
-        return roles.contains(authorizationService.curator(type));
     }
 
-    public boolean isManager(List<String> roles, String type, String id) {
+    public boolean isManager(String type, String id) {
-        if(roles == null) {
+        return this.authorizationService.getRoles().contains(authorizationService.manager(type, id));
-            return false;
-        }
-//        log.debug(authorizationService.manager(type, id));
-//        log.debug("Manager in "+type+" - "+id+": "+roles.contains(authorizationService.manager(type, id)));
-        return roles.contains(authorizationService.manager(type, id));
     }
 
-    public boolean isMember(List<String> roles, String type, String id) {
+    public boolean isMember(String type, String id) {
-        if(roles == null) {
+        return this.authorizationService.getRoles().contains(authorizationService.member(type, id));
-            return false;
-        }
-//        log.debug(authorizationService.member(type, id));
-//        log.debug("Member in "+type+" - "+id+": "+roles.contains(authorizationService.member(type, id)));
-        return roles.contains(authorizationService.member(type, id));
     }
 
-    public boolean isLoggedIn(List<String> roles) {
+    public boolean isLoggedIn() {
-        if(roles == null || roles.contains(authorizationService.ANONYMOUS_USER)) {
+        return this.authorizationService.getAaiId() != null;
-            return false;
-        }
-        return true;
     }
 
-    public boolean hasUpdateAuthority(List<String> roles, String type, String id) {
+    public boolean hasUpdateAuthority(String type, String id) {
-        return isPortalAdmin(roles) || isCurator(roles, type) || isManager(roles, type, id);
+        return isPortalAdmin() || isCurator(type) || isManager(type, id);
     }
 
-    public boolean hasCreateAndDeleteAuthority(List<String> roles, String type) {
+    public boolean hasCreateAndDeleteAuthority(String type) {
-        return isPortalAdmin(roles) || isCurator(roles, type);
+        return isPortalAdmin() || isCurator(type);
     }
 }

src/main/java/eu/dnetlib/uoaadmintoolslibrary/services/PageService.java

@@ -241,8 +241,6 @@ public class PageService {
     }
 
     public Boolean deletePages(List<String> pages) throws Exception {
-        List<String> roles = rolesUtils.getRoles();
-
         for (String id: pages) {
             Page page = pageDAO.findById(id);
 
@@ -250,8 +248,8 @@ public class PageService {
                 throw new NullPointerException("Delete page: no page with id: "+id);
             }
 
-            if(!rolesUtils.isPortalAdmin(roles) || (
+            if(!rolesUtils.isPortalAdmin() || (
-                    page.getPortalPid() != null && !rolesUtils.hasUpdateAuthority(roles, page.getPortalType(), page.getPortalPid()))) {
+                    page.getPortalPid() != null && !rolesUtils.hasUpdateAuthority(page.getPortalType(), page.getPortalPid()))) {
                 // EXCEPTION - Access denied
                 throw new ForbiddenException("Delete page: You are not authorized to delete a page for "+page.getPortalType()+
                         (page.getPortalPid()!=null ? " : "+page.getPortalPid() : ""));