uoa-repository-manager-service/src/main/java/eu/dnetlib/repo/manager/service/security/AaiRoleMappingService.java

package eu.dnetlib.repo.manager.service.security;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Service;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.Collection;
import java.util.Objects;
import java.util.stream.Collectors;

@Service("roleMappingService")
public class AaiRoleMappingService implements RoleMappingService {

    private static final Logger logger = LoggerFactory.getLogger(AaiRoleMappingService.class);

    @Value("${services.provide.aai.registry.production:true}")
    private boolean production;

    @Override
    public String getRepositoryId(String roleId) {
        if (!roleActive(roleId)) {
            return null;
        }
        return roleId.replaceFirst(".*datasource\\.", "").replace("$", ":");
    }

    @Override
    public Collection<String> getRepositoryIds(Collection<String> roleIds) {
        return roleIds
                .stream()
                .map(this::getRepositoryId)
                .filter(Objects::nonNull)
                .collect(Collectors.toList());
    }

    @Override
    public String getRole(String repoId) {
        String role = null;
        String prefix = (production ? "" : "beta.") + "datasource";
        if (repoId != null) {
            role = createRole(prefix, repoId);
        }
        return role;
    }

    @Override
    public Collection<String> getRoles(Collection<String> repoIds) {
        return repoIds
                .stream()
                .map(this::getRole)
                .filter(Objects::nonNull)
                .collect(Collectors.toList());
    }

    @Override
    public String authorityToRepositoryId(GrantedAuthority authority) {
        String repo = null;
        String auth = null;
        try {
            auth = URLDecoder.decode(authority.getAuthority(), "UTF-8").toLowerCase();
        } catch (UnsupportedEncodingException e) {
            logger.error("", e);
        }

        if (auth != null && roleActive(auth)) {
            repo = auth
                    .replaceFirst(".*datasource\\_", "")
                    .replace("$", ":")
                    .toLowerCase();
        }
        return repo;
    }

    @Override
    public GrantedAuthority repositoryIdToAuthority(String repoId) {
        String role = null;
        try {
            role = URLEncoder.encode(convertRepoIdToAuthorityId(repoId), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            logger.error("", e);
        }
        return new SimpleGrantedAuthority(role);
    }

    private String createRole(String prefix, String repoId) {
        return prefix + "." + repoId.replace(":", "$");
    }

    private boolean roleActive(String roleId) {
        return (production && !roleId.toLowerCase().startsWith("beta"))
                || (!production && roleId.toLowerCase().startsWith("beta"));
    }

    private String convertRepoIdToAuthorityId(String repoId) {
        StringBuilder roleBuilder = new StringBuilder();
        String role = "";
        if (repoId != null) {
            roleBuilder.append(production ? "" : "beta.");
            roleBuilder.append("datasource.");
            roleBuilder.append(repoId.replace(":", "$"));
            role = roleBuilder.toString().replace(".", "_").toUpperCase();
        }
        return role;
    }
}
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`package eu.dnetlib.repo.manager.service.security;`

replaced log4j2 with slf4j 2023-01-11 17:50:31 +01:00			`import org.slf4j.Logger;`
			`import org.slf4j.LoggerFactory;`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`import org.springframework.beans.factory.annotation.Value;`
			`import org.springframework.security.core.GrantedAuthority;`
			`import org.springframework.security.core.authority.SimpleGrantedAuthority;`
			`import org.springframework.stereotype.Service;`

Improved role functionality 2023-02-17 15:17:37 +01:00			`import java.io.UnsupportedEncodingException;`
			`import java.net.URLDecoder;`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`import java.net.URLEncoder;`
			`import java.util.Collection;`
			`import java.util.Objects;`
			`import java.util.stream.Collectors;`

			`@Service("roleMappingService")`
			`public class AaiRoleMappingService implements RoleMappingService {`

replaced log4j2 with slf4j 2023-01-11 17:50:31 +01:00			`private static final Logger logger = LoggerFactory.getLogger(AaiRoleMappingService.class);`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00
merged properties branch 2021-10-26 13:46:08 +02:00			`@Value("${services.provide.aai.registry.production:true}")`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`private boolean production;`

			`@Override`
Improved role functionality 2023-02-17 15:17:37 +01:00			`public String getRepositoryId(String roleId) {`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`if (!roleActive(roleId)) {`
			`return null;`
			`}`
			`return roleId.replaceFirst(".*datasource\\.", "").replace("$", ":");`
			`}`

			`@Override`
Improved role functionality 2023-02-17 15:17:37 +01:00			`public Collection<String> getRepositoryIds(Collection<String> roleIds) {`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`return roleIds`
			`.stream()`
Improved role functionality 2023-02-17 15:17:37 +01:00			`.map(this::getRepositoryId)`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`.filter(Objects::nonNull)`
			`.collect(Collectors.toList());`
			`}`

			`@Override`
Improved role functionality 2023-02-17 15:17:37 +01:00			`public String getRole(String repoId) {`
			`String role = null;`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`String prefix = (production ? "" : "beta.") + "datasource";`
			`if (repoId != null) {`
Improved role functionality 2023-02-17 15:17:37 +01:00			`role = createRole(prefix, repoId);`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`}`
Improved role functionality 2023-02-17 15:17:37 +01:00			`return role;`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`}`

			`@Override`
Improved role functionality 2023-02-17 15:17:37 +01:00			`public Collection<String> getRoles(Collection<String> repoIds) {`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`return repoIds`
			`.stream()`
Improved role functionality 2023-02-17 15:17:37 +01:00			`.map(this::getRole)`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`.filter(Objects::nonNull)`
			`.collect(Collectors.toList());`
			`}`

			`@Override`
Improved role functionality 2023-02-17 15:17:37 +01:00			`public String authorityToRepositoryId(GrantedAuthority authority) {`
			`String repo = null;`
			`String auth = null;`
			`try {`
			`auth = URLDecoder.decode(authority.getAuthority(), "UTF-8").toLowerCase();`
			`} catch (UnsupportedEncodingException e) {`
			`logger.error("", e);`
			`}`

			`if (auth != null && roleActive(auth)) {`
			`repo = auth`
			`.replaceFirst(".*datasource\\_", "")`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`.replace("$", ":")`
			`.toLowerCase();`
			`}`
			`return repo;`
			`}`

			`@Override`
Improved role functionality 2023-02-17 15:17:37 +01:00			`public GrantedAuthority repositoryIdToAuthority(String repoId) {`
			`String role = null;`
			`try {`
			`role = URLEncoder.encode(convertRepoIdToAuthorityId(repoId), "UTF-8");`
			`} catch (UnsupportedEncodingException e) {`
			`logger.error("", e);`
			`}`
			`return new SimpleGrantedAuthority(role);`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`}`

Improved role functionality 2023-02-17 15:17:37 +01:00			`private String createRole(String prefix, String repoId) {`
			`return prefix + "." + repoId.replace(":", "$");`
			`}`

			`private boolean roleActive(String roleId) {`
			`return (production && !roleId.toLowerCase().startsWith("beta"))`
			`\|\| (!production && roleId.toLowerCase().startsWith("beta"));`
			`}`

			`private String convertRepoIdToAuthorityId(String repoId) {`
merged branch aai_roles_new to trunk 2021-07-21 13:51:18 +02:00			`StringBuilder roleBuilder = new StringBuilder();`
			`String role = "";`
			`if (repoId != null) {`
			`roleBuilder.append(production ? "" : "beta.");`
			`roleBuilder.append("datasource.");`
			`roleBuilder.append(repoId.replace(":", "$"));`
			`role = roleBuilder.toString().replace(".", "_").toUpperCase();`
			`}`
			`return role;`
			`}`
			`}`