package eu.dnetlib.repo.manager.controllers; import eu.dnetlib.domain.data.Repository; import eu.dnetlib.domain.data.RepositoryInterface; import eu.dnetlib.repo.manager.domain.*; import eu.dnetlib.repo.manager.domain.dto.User; import eu.dnetlib.repo.manager.exception.ResourceNotFoundException; import eu.dnetlib.repo.manager.service.RepositoryService; import eu.dnetlib.repo.manager.service.security.AuthorizationService; import eu.dnetlib.repo.manager.utils.JsonUtils; import io.swagger.annotations.Api; import org.apache.log4j.Logger; import org.json.JSONException; import org.mitre.openid.connect.model.OIDCAuthenticationToken; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; import org.springframework.security.access.prepost.PostAuthorize; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.bind.annotation.*; import javax.ws.rs.core.Response; import java.io.IOException; import java.util.List; import java.util.Map; @RestController @RequestMapping(value = "/repositories") @Api(description = "Repository API", tags = {"repositories"}) public class RepositoryController { private static final Logger logger = Logger.getLogger(RepositoryController.class); private final RepositoryService repositoryService; private final AuthorizationService authorizationService; @Autowired RepositoryController(RepositoryService repositoryService, AuthorizationService authorizationService) { this.repositoryService = repositoryService; this.authorizationService = authorizationService; } @RequestMapping(value = "/countries", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public Country[] getCountries() { return repositoryService.getCountries(); } @RequestMapping(value = "/getRepositoriesByCountry/{country}/{mode}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public List getRepositoriesByCountry(@PathVariable("country") String country, @PathVariable("mode") String mode, @RequestParam(value = "managed", required = false) Boolean managed) throws JSONException, IOException { return repositoryService.getRepositoriesByCountry(country, mode, managed); } @RequestMapping(value = "/snippets/user", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody @PreAuthorize("hasAuthority('REGISTERED_USER')") public List getRepositoriesSnippetsOfUser() throws Exception { return repositoryService.getRepositoriesSnippetsOfUser("0", "100"); } @RequestMapping(value = "/searchRegisteredRepositories/{page}/{size}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody @PreAuthorize("hasAuthority('SUPER_ADMINISTRATOR') or hasAuthority('CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR')") public List searchRegisteredRepositories(@RequestParam(name = "country", required = false) String country, @RequestParam(name = "typology", required = false) String typology, @RequestParam(name = "englishName", required = false) String englishName, @RequestParam(name = "officialName", required = false) String officialName, @RequestParam("requestSortBy") String requestSortBy, @RequestParam("order") String order, @PathVariable("page") int page, @PathVariable("size") int pageSize) throws Exception { return repositoryService.searchRegisteredRepositories(country, typology, englishName, officialName, requestSortBy, order, page, pageSize); } @RequestMapping(value = "/getRepositoryById/{id}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody @PostAuthorize("hasAnyAuthority('SUPER_ADMINISTRATOR', 'CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or @authorizationService.isMemberOf(#id) or (returnObject.registeredBy=='null' and hasAuthority('REGISTERED_USER'))") public Repository getRepositoryById(@PathVariable("id") String id) throws JSONException, ResourceNotFoundException { Repository repo = repositoryService.getRepositoryById(id); if (repo != null) logger.info("Returning repository " + repo.getId() + " registered by " + repo.getRegisteredBy()); else logger.info("Requested repository " + id + " not found"); return repo; } @RequestMapping(value = "/getRepositoryAggregations/{id}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public List getRepositoryAggregations(@PathVariable("id") String id) throws JSONException { return repositoryService.getRepositoryAggregations(id, 0, 20); } @RequestMapping(value = "/getRepositoryAggregationsByYear/{id}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public Map> getRepositoryAggregationsByYear(@PathVariable("id") String id) throws JSONException { return repositoryService.getRepositoryAggregationsByYear(id); } @RequestMapping(value = "/getRepositoriesByName/{name:.+}/{page}/{size}/", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public List getRepositoriesByName(@PathVariable("name") String name, @PathVariable("page") String page, @PathVariable("size") String size) throws JSONException { return repositoryService.getRepositoriesByName(name, page, size); } @RequestMapping(value = "/getRepositoryInterface/{id}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody @PostAuthorize("hasAuthority('SUPER_ADMINISTRATOR') or hasAuthority('CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or @authorizationService.isMemberOf(#id) or (@repositoryService.getRepositoryById(#id).registeredBy=='null' and hasAuthority('REGISTERED_USER'))") public List getRepositoryInterface(@PathVariable("id") String id) throws JSONException { return repositoryService.getRepositoryInterface(id); } @RequestMapping(value = "/addRepository", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE) @ResponseBody // @PreAuthorize("hasAuthority('SUPER_ADMINISTRATOR') or hasAuthority('CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or (hasAuthority(@authorizationService.convertRepoIdToRoleId(#repository.id)) or hasAuthority(@authorizationService.convertRepoIdToRoleId(returnObject.id)))") @PreAuthorize("hasAuthority('SUPER_ADMINISTRATOR') or hasAuthority('CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or hasAuthority('REGISTERED_USER')") public Repository addRepository(@RequestParam("datatype") String datatype, @RequestBody Repository repository) throws Exception { return repositoryService.addRepository(datatype, repository); } @RequestMapping(value = "/getDnetCountries", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public List getDnetCountries() { return repositoryService.getDnetCountries(); } @RequestMapping(value = "/getTypologies", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public List getTypologies() { return repositoryService.getTypologies(); } @RequestMapping(value = "/getTimezones", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public List getTimezones() { return repositoryService.getTimezones(); } @RequestMapping(value = "/updateRepository", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE) @ResponseBody @PreAuthorize("hasAuthority('SUPER_ADMINISTRATOR') or hasAuthority('CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or @authorizationService.isMemberOfInterface(#repository.id)") public Repository updateRepository(@RequestBody Repository repository, Authentication authentication) throws Exception { return repositoryService.updateRepository(repository, authentication); } @RequestMapping(value = "/deleteInterface/", method = RequestMethod.DELETE) @PreAuthorize("hasAuthority('SUPER_ADMINISTRATOR') or hasAuthority('CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or @authorizationService.isMemberOfInterface(#id)") public void deleteRepositoryInterface(@RequestParam("id") String id, @RequestParam("registeredBy") String registeredBy) { repositoryService.deleteRepositoryInterface(id, registeredBy); } @RequestMapping(value = "/addInterface", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE) @ResponseBody @PreAuthorize("hasAuthority('SUPER_ADMINISTRATOR') or hasAuthority('CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or @authorizationService.isMemberOf(#id)") public RepositoryInterface addRepositoryInterface(@RequestParam("datatype") String datatype, @RequestParam("repoId") String id, @RequestParam("registeredBy") String registeredBy, @RequestParam(value = "comment", required = false) String comment, @RequestBody RepositoryInterface repositoryInterface) throws Exception { return repositoryService.addRepositoryInterface(datatype, id, registeredBy, comment, repositoryInterface); } @RequestMapping(value = "/updateRepositoryInterface", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE) @ResponseBody @PreAuthorize("hasAuthority('SUPER_ADMINISTRATOR') or hasAuthority('CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or @authorizationService.isMemberOf(#id)") public RepositoryInterface updateRepositoryInterface(@RequestParam("repoId") String id, @RequestParam("registeredBy") String registeredBy, @RequestParam(value = "comment", required = false) String comment, @RequestBody RepositoryInterface repositoryInterface) throws Exception { return repositoryService.updateRepositoryInterface(id, registeredBy, comment, repositoryInterface); } @RequestMapping(value = "/getUrlsOfUserRepos/{page}/{size}/", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody @PreAuthorize("hasAuthority('REGISTERED_USER')") public List getUrlsOfUserRepos(@PathVariable("page") String page, @PathVariable("size") String size) { return repositoryService.getUrlsOfUserRepos(((OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication()).getUserInfo().getEmail(), page, size); } @RequestMapping(value = "/getDatasourceVocabularies/{mode}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public List getDatasourceVocabularies(@PathVariable("mode") String mode) { return repositoryService.getDatasourceVocabularies(mode); } @RequestMapping(value = "/getCompatibilityClasses/{mode}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public Map getCompatibilityClasses(@PathVariable("mode") String mode) { return repositoryService.getCompatibilityClasses(mode); } @RequestMapping(value = "/getDatasourceClasses/{mode}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public Map getDatasourceClasses(@PathVariable("mode") String mode) { return repositoryService.getDatasourceClasses(mode); } @RequestMapping(value = "/getMetricsInfoForRepository/{id}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public MetricsInfo getMetricsInfoForRepository(@PathVariable("id") String id) throws RepositoryServiceException { return repositoryService.getMetricsInfoForRepository(id); } @RequestMapping(value = "/getListLatestUpdate/{mode}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @ResponseBody public Map getListLatestUpdate(@PathVariable("mode") String mode) throws JSONException { return repositoryService.getListLatestUpdate(mode); } /////////////////////////////////////////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////////////////////////////////////////// /** * Get all the admins of the repository */ @RequestMapping(method = RequestMethod.GET, path = "{id}/admins") @PreAuthorize("hasAnyAuthority('SUPER_ADMINISTRATOR', 'CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or @authorizationService.isMemberOf(#id)") public ResponseEntity> getAdminsOfARepo(@PathVariable("id") String id) { return new ResponseEntity<>(authorizationService.getAdminsOfRepo(id), HttpStatus.OK); } /** * Subscribe to repo by email */ @RequestMapping(method = RequestMethod.POST, path = "{id}/admins") @PreAuthorize("hasAnyAuthority('SUPER_ADMINISTRATOR', 'CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or @authorizationService.isMemberOf(#id)") public Response subscribeByEmail(@PathVariable("id") String id, @RequestBody String email) throws ResourceNotFoundException { authorizationService.addAdmin(id, email); return Response.status(HttpStatus.OK.value()).entity(JsonUtils.createResponse("Role has been assigned").toString()).type(javax.ws.rs.core.MediaType.APPLICATION_JSON).build(); } /** * Unsubscribe from repo by email */ @RequestMapping(method = RequestMethod.DELETE, path = "{id}/admins/{email:.+}") @PreAuthorize("hasAnyAuthority('SUPER_ADMINISTRATOR', 'CONTENT_PROVIDER_DASHBOARD_ADMINISTRATOR') or @authorizationService.isMemberOf(#id)") public ResponseEntity unsubscribeByEmail(@PathVariable("id") String id, @PathVariable("email") String email) throws ResourceNotFoundException { authorizationService.removeAdmin(id, email); return new ResponseEntity<>(HttpStatus.NO_CONTENT); } }