From 7c5020c2059942c85cc99213aded495a0a021706 Mon Sep 17 00:00:00 2001
From: Konstantinos Spyrou
Date: Wed, 18 Jan 2023 16:54:18 +0200
Subject: [PATCH] update user roles using identifier instead of email
---
 .../aai/registry/AaiRegistryService.java | 10 +++++-
 .../service/aai/registry/RegistryCalls.java | 31 +++++++++++++++++--
 .../service/aai/registry/utils/HttpUtils.java | 18 ++---------
 .../security/AuthorizationServiceImpl.java | 8 +++--
 4 files changed, 45 insertions(+), 22 deletions(-)
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/AaiRegistryService.java b/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/AaiRegistryService.java
index e54aebb..ac6a69b 100644
--- a/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/AaiRegistryService.java
+++ b/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/AaiRegistryService.java
@@ -26,7 +26,15 @@ public interface AaiRegistryService {
 Integer getCoPersonIdByEmail(String email);
 /**
- * 1. Get CoPersonId List by Email
+ * 1.3 Get a list of User Identifiers by Email
+ *
+ * @param email
+ * @return
+ */
+ List getUserIdentifiersByEmail(String email);
+
+ /**
+ * 1.4 Get CoPersonId List by Email
 *
 * @param email
 * @return
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/RegistryCalls.java b/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/RegistryCalls.java
index ceeb05b..ce46c5b 100644
--- a/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/RegistryCalls.java
+++ b/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/RegistryCalls.java
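Review bot: The Javadoc added for `getUserIdentifiersByEmail` in the `@@ -26,7 +26,15 @@` hunk leaves `@param` and `@return` empty, so the contract that the authorization code in this patch relies on is undocumented. I would fill them in, e.g. `@param email e-mail address used to look up the CO person` and `@return identifiers of that CO person that are not marked deleted; empty when the registry gives no response`. The comment should also state what a caller gets when the e-mail matches no CO person or more than one, since the implementation in RegistryCalls resolves a single person through `getCoPersonIdByEmail`.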
@@ -5,12 +5,13 @@ import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
 import eu.dnetlib.repo.manager.domain.dto.Role;
 import eu.dnetlib.repo.manager.domain.dto.User;
-import eu.dnetlib.repo.manager.service.aai.registry.utils.RegistryUtils;
 import eu.dnetlib.repo.manager.service.aai.registry.utils.HttpUtils;
+import eu.dnetlib.repo.manager.service.aai.registry.utils.RegistryUtils;
 import org.mitre.openid.connect.model.OIDCAuthenticationToken;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
@@ -27,11 +28,13 @@ public class RegistryCalls implements AaiRegistryService {
 public final HttpUtils httpUtils;
 public final RegistryUtils jsonUtils;
+ private final String coid;
 @Autowired
- RegistryCalls(HttpUtils httpUtils, RegistryUtils registryUtils) {
+ RegistryCalls(HttpUtils httpUtils, RegistryUtils registryUtils, @Value("${services.provide.aai.registry.coid}") String coid) {
 this.httpUtils = httpUtils;
 this.jsonUtils = registryUtils;
+ this.coid = coid;
 }
 private String mapType(String type, boolean communityMap) {
@@ -62,6 +65,7 @@ public class RegistryCalls implements AaiRegistryService {
 public Integer getCoPersonIdByEmail(String email) {
 Map params = new HashMap<>();
 params.put("mail", email);
+ params.put("coid", coid);
 JsonElement response = httpUtils.get("co_people.json", params);
 if (response != null) {
 JsonArray coPeople = response.getAsJsonObject().get("CoPeople").getAsJsonArray();
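Review bot: Scoping a registry query to the CO is now opt-in per call: `params.put("coid", coid)` is added in `getCoPersonIdByEmail` here and in `getCoPersonIdsByEmail` and `getCoPersonIdByIdentifier` in the later hunks, while HttpUtils stops appending it to every request. Every other `httpUtils.get`/`post` call in this class therefore loses the parameter, for example the `names.json` request visible in the `@@ -368,7 +393,7 @@` hunk, and calls outside the visible hunks should be checked for lookups that still need the CO filter. A private helper that returns a parameter map pre-filled with `coid` would make the scoping harder to forget. The value also moves from the hard-coded `"2"` to a required property, so a deployment without `services.provide.aai.registry.coid` will presumably fail at startup; the property should be documented alongside the other registry settings.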
@@ -72,11 +76,31 @@ public class RegistryCalls implements AaiRegistryService {
 return null;
 }
+ @Override
+ public List getUserIdentifiersByEmail(String email) {
+ List ids = new ArrayList<>();
+ Map params = new HashMap<>();
+ params.put("copersonid", getCoPersonIdByEmail(email).toString());
+
+ JsonElement response = httpUtils.get("identifiers.json", params);
+ if (response != null) {
+ JsonArray infos = response.getAsJsonObject().get("Identifiers").getAsJsonArray();
+ infos.forEach(info -> {
+ JsonObject jsonInfo = info.getAsJsonObject();
+ if (!jsonInfo.get("Deleted").getAsBoolean()) {
+ ids.add(jsonInfo.get("Identifier").getAsString());
+ }
+ });
+ }
+ return ids;
+ }
+
 @Override
 public List getCoPersonIdsByEmail(String email) {
 List coPersonIds = new ArrayList<>();
 Map params = new HashMap<>();
 params.put("mail", email);
+ params.put("coid", coid);
 JsonElement response = httpUtils.get("co_people.json", params);
 if (response != null) {
 JsonArray coPeople = response.getAsJsonObject().get("CoPeople").getAsJsonArray();
@@ -102,6 +126,7 @@ public class RegistryCalls implements AaiRegistryService {
 public Integer getCoPersonIdByIdentifier(String sub) {
 Map params = new HashMap<>();
 params.put("search.identifier", sub);
+ params.put("coid", coid);
 JsonElement response = httpUtils.get("co_people.json", params);
 return (response != null) ? response.getAsJsonObject().get("CoPeople").getAsJsonArray().get(0).getAsJsonObject().get("Id").getAsInt() : null;
 }
@@ -368,7 +393,7 @@ public class RegistryCalls implements AaiRegistryService {
 params.put("copersonid", coPersonId.toString());
 JsonElement response = httpUtils.get("names.json", params);
 JsonObject info = (response != null) ? response.getAsJsonObject().get("Names").getAsJsonArray().get(0).getAsJsonObject() : null;
- if ( info != null ) {
+ if (info != null) {
 JsonObject jsonInfo = info.getAsJsonObject();
 return jsonInfo.get("Given").getAsString() + " " + jsonInfo.get("Family").getAsString();
 } else
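Review bot: `getCoPersonIdByEmail(email).toString()` in the new `getUserIdentifiersByEmail` throws a NullPointerException when the e-mail matches no CO person, because `getCoPersonIdByEmail` appears to fall through to the `return null;` shown at the top of this hunk. The callers added in AuthorizationServiceImpl invoke it after the registry role change has already been made, so the exception would leave the registry updated and the session authorities untouched. Guard the lookup with `Integer coPersonId = getCoPersonIdByEmail(email);` followed by `if (coPersonId == null) return ids;`. `jsonInfo.get("Deleted")` and `jsonInfo.get("Identifier")` are dereferenced the same way and fail on an entry that lacks either field. The method also resolves only one CO person although `getCoPersonIdsByEmail` exists for addresses shared by several records, so identifiers belonging to the other records are skipped.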
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/utils/HttpUtils.java b/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/utils/HttpUtils.java
index 44ff24c..c88c5b4 100644
--- a/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/utils/HttpUtils.java
+++ b/src/main/java/eu/dnetlib/repo/manager/service/aai/registry/utils/HttpUtils.java
@@ -16,7 +16,6 @@ import org.springframework.web.util.UriComponentsBuilder;
 import java.nio.charset.StandardCharsets;
 import java.util.Collections;
-import java.util.HashMap;
 import java.util.Map;
 @Component
@@ -33,9 +32,6 @@ public class HttpUtils {
 @Value("${services.provide.aai.registry.password}")
 private String password;
- @Value("2")
- private String coid;
-
 public JsonElement post(String path, JsonObject body) {
 RestTemplate restTemplate = new RestTemplate();
 HttpHeaders headers = createHeaders(user, password);
@@ -70,17 +66,7 @@ public class HttpUtils {
 return getResponseEntityAsJsonElement(responseEntity);
 }
- private Map addCoId(Map params) {
- if(params == null) {
- params = new HashMap<>();
- }
- params.put("coid", coid);
- return params;
- }
-
-
 private String createUrl(String baseAddress, Map params) {
- params = addCoId(params);
 LinkedMultiValueMap multiValueMap = new LinkedMultiValueMap<>();
 params.forEach((k, v) -> multiValueMap.put(k, Collections.singletonList(v)));
 UriComponents uriComponents = UriComponentsBuilder
@@ -101,11 +87,11 @@ public class HttpUtils {
 private JsonElement getResponseEntityAsJsonElement(ResponseEntity responseEntity) {
- if ( responseEntity == null )
+ if (responseEntity == null)
 return null;
 String responseBody = responseEntity.getBody();
- if ( responseBody != null ) {
+ if (responseBody != null) {
 logger.debug(responseBody);
 try {
 return new JsonParser().parse(responseBody);
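Review bot: `createUrl` in the `@@ -70,17 +66,7 @@` hunk now calls `params.forEach(...)` on whatever the caller passed, but the removed `addCoId` was also the code that replaced a null `params` with an empty map. Any caller that passes null for the query parameters (the callers are outside this hunk) will now hit a NullPointerException instead of getting a URL. Keep the null tolerance with `if (params != null) { params.forEach(...); }`, or reject it explicitly with `Objects.requireNonNull(params, "params")` so the failure is deliberate. The body of `createUrl` continues past the end of the hunk.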
diff --git a/src/main/java/eu/dnetlib/repo/manager/service/security/AuthorizationServiceImpl.java b/src/main/java/eu/dnetlib/repo/manager/service/security/AuthorizationServiceImpl.java
index ad4dcfc..56a71c2 100644
--- a/src/main/java/eu/dnetlib/repo/manager/service/security/AuthorizationServiceImpl.java
+++ b/src/main/java/eu/dnetlib/repo/manager/service/security/AuthorizationServiceImpl.java
@@ -90,7 +90,9 @@ public class AuthorizationServiceImpl implements AuthorizationService {
 aaiRegistryService.assignMemberRole(coPersonId, couId);
 // Add role to user current authorities
- authoritiesUpdater.addRole(email, roleMappingService.convertRepoIdToAuthority(resourceId));
+ for (String userId : aaiRegistryService.getUserIdentifiersByEmail(email)) {
+ authoritiesUpdater.addRole(userId, roleMappingService.convertRepoIdToAuthority(resourceId));
+ }
 return true;
 } else {
@@ -115,7 +117,9 @@ public class AuthorizationServiceImpl implements AuthorizationService {
 aaiRegistryService.removeMemberRole(coPersonId, couId, roleId);
 // Remove role from user current authorities
- authoritiesUpdater.removeRole(email, roleMappingService.convertRepoIdToAuthority(resourceId));
+ for (String userId : aaiRegistryService.getUserIdentifiersByEmail(email)) {
+ authoritiesUpdater.removeRole(userId, roleMappingService.convertRepoIdToAuthority(resourceId));
+ }
 return true;
 } else {
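Review bot: When `getUserIdentifiersByEmail(email)` returns an empty list, both new loops do nothing and the method still returns true; in the `@@ -115,7 +117,9 @@` hunk that means the role is removed in the registry while the user's current authorities keep it. The lookup returns an empty list whenever the registry gives no response, so a transient failure during revocation passes silently. I would hold the result in a local, `List<String> userIds = aaiRegistryService.getUserIdentifiersByEmail(email);`, and treat `userIds.isEmpty()` as a condition to log and surface rather than as success. `coPersonId` is already in scope in both hunks, while the new call resolves the person again from the e-mail; looking identifiers up by that `coPersonId` would avoid touching a different record when an address is shared. Both enclosing methods start and end outside the hunks.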